Bỏ qua để đến Nội dung
Câu hỏi này đã bị gắn cờ
webservicesaccessoriginallowCORS
7 Trả lời
36255 Lượt xem
Ảnh đại diện
Fernando La Chica Mera

Hi, I'm developing an App with Cordova with which I intend to consume services Odoo. If launched the App with an emulator of Cordova as "ripple emulate" gives me error 404. Doing a little research I see that is related to that default CORS not allowed. I have the same problem if I want to consume the webservice from a web page installed in a different domain of Odoo. I have no problems in playing with the application if I have it installed on the device but I always try to compile and install and that is time consuming.

Have you got enabled CORS in Odoo? How I can do to add the allow-access-from domain * a werkzug header? Thank you.

Ảnh đại diện
Huỷ bỏ
Fernando La Chica Mera
Tác giả

No one has faced the problem of access to external web via webservice to Odoo?

Ảnh đại diện
Fernando La Chica Mera
Tác giả Câu trả lời hay nhất

I managed to consume the XML-RPC service from a Web App. I use https://github.com/timheap/jquery-xmlrpc

To make it work I had to modify the file <Odoo> /openerp/service/wsgi_server.py in the following procedures


def xmlrpc_return(start_response, service, method, params, string_faultcode=False):
    """
    Helper to call a service's method with some params, using a wsgi-supplied
    ``start_response`` callback.
    This is the place to look at to see the mapping between core exceptions
    and XML-RPC fault codes.
    """
    # Map OpenERP core exceptions to XML-RPC fault codes. Specific exceptions
    # defined in ``openerp.exceptions`` are mapped to specific fault codes;
    # all the other exceptions are mapped to the generic
    # RPC_FAULT_CODE_APPLICATION_ERROR value.
    # This also mimics SimpleXMLRPCDispatcher._marshaled_dispatch() for
    # exception handling.
    try:
        result = openerp.http.dispatch_rpc(service, method, params)
        response = xmlrpclib.dumps((result,), methodresponse=1, allow_none=False, encoding=None)
    except Exception, e:
        if string_faultcode:
            response = xmlrpc_handle_exception_string(e)
        else:
            response = xmlrpc_handle_exception_int(e)
    start_response("200 OK", [
                              ('Content-Type','text/xml'),('Content-Length', str(len(response))),
                              ('Access-Control-Allow-Origin','*'),
                              ('Access-Control-Allow-Methods','POST, GET, OPTIONS'),
                              ('Access-Control-Max-Age',1000),
                              ('Access-Control-Allow-Headers','origin, x-csrftoken, content-type, accept'),
                    ]
                )
    return [response]
def wsgi_xmlrpc(environ, start_response):
    """ Two routes are available for XML-RPC
    /xmlrpc/<service> route returns faultCode as strings. This is a historic
    violation of the protocol kept for compatibility.
    /xmlrpc/2/<service> is a new route that returns faultCode as int and is
    therefore fully compliant.
    """
    if environ['REQUEST_METHOD'] == "OPTIONS":
        response = werkzeug.wrappers.Response('OPTIONS METHOD DETECTED') 
        response.headers['Access-Control-Allow-Origin'] = '*'
        response.headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
        response.headers['Access-Control-Max-Age'] = 1000
        # note that '*' is not valid for Access-Control-Allow-Headers
        response.headers['Access-Control-Allow-Headers'] = 'origin, x-csrftoken, content-type, accept'
        
        return response(environ, start_response)
    
    if environ['REQUEST_METHOD'] == 'POST' and environ['PATH_INFO'].startswith('/xmlrpc/'):
        length = int(environ['CONTENT_LENGTH'])
        data = environ['wsgi.input'].read(length)
        # Distinguish betweed the 2 faultCode modes
        string_faultcode = True
        if environ['PATH_INFO'].startswith('/xmlrpc/2/'):
            service = environ['PATH_INFO'][len('/xmlrpc/2/'):]
            string_faultcode = False
        else:
            service = environ['PATH_INFO'][len('/xmlrpc/'):]
        params, method = xmlrpclib.loads(data)
        return xmlrpc_return(start_response, service, method, params, string_faultcode)



Would you know tell me how to take these changes into an installable module? Would I have to go into the core?

Ảnh đại diện
Huỷ bỏ
El mehdi EL OUALI

hi Fernando

I want to make ionic app to get data from odoo 12 server and i have been blocked by CORS policy, you have any solution for my issue

Fernando La Chica Mera
Tác giả

I'm sorry I can't help you. This solution I implemented was used in older versions of Odoo and I don't think it works in a current one. Surely someone knows what settings they should apply to not be blocked by CORS. If not, doing something similar should serve you.

Ảnh đại diện
Choosak Songsawang
Câu trả lời hay nhất

Hello

I researched on internet for a while, here are information and solution I would like to share:

1) I have modified "odoo\http.py" and also "odoo\service\wsgi_server.py" but had no luck.

2) I installed chrome plug-in to bypass "Cross-Origin Resource Sharing" also not working.

3) I also built ".apk" package and ran on real mobile device, also not working

Finally :)

4) I call odoo api through proxy server running nginx, no cors error anymore.

Hope this help.


Ảnh đại diện
Huỷ bỏ
Ảnh đại diện
Ravi Gadhia
Câu trả lời hay nhất

Hi

To enable CORS for a particular route/endpoint you can pass cors params on a route like

@http.route('/my/route', type='json', auth='none', cors='*')  

def my_route(self):      

        ........

if you want to enable CORS for all the routes(not recommended) here are few options​

  • override werkzeug Response wrapper class ref \https://github.com/odoo/odoo/blob/12.0/odoo/http.py#L1245  

  • Nginx configuration can enable CORS

  • you can create werkzeug middleware for it

Ảnh đại diện
Huỷ bỏ
Mohamed Mamdouh Shehata

Hello, I am building an odoo 13 app for my graduation project, can anyone help please

Ảnh đại diện
Carlos
Câu trả lời hay nhất

I Want to make the same in Angular 7 i need somthing to avoid cors ¿any help?

Ảnh đại diện
Huỷ bỏ
Bài viết liên quan Trả lời Lượt xem Hoạt động
How to assign a user to admin on sales, customer invoices and inventory
access
Ảnh đại diện
Ảnh đại diện
1
thg 3 25
1438
Granting Payslip Access to a Portal User: Troubleshooting Custom Group Permissions
access
Ảnh đại diện
0
thg 8 25
1421
How to change existing access right of some model in a ir.model.access.csv? Đã xử lý
access
Ảnh đại diện
Ảnh đại diện
Ảnh đại diện
2
thg 4 23
25705
Where is my design on website of odoo stored?
webservices
Ảnh đại diện
Ảnh đại diện
Ảnh đại diện
2
thg 10 21
3673
How to create Hierarchical Access Rights Control
access
Ảnh đại diện
0
thg 12 20
3262